-
Notifications
You must be signed in to change notification settings - Fork 303
Expand file tree
/
Copy pathDockerfile.multistage
More file actions
123 lines (95 loc) · 5.02 KB
/
Dockerfile.multistage
File metadata and controls
123 lines (95 loc) · 5.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# =============================================================================
# STAGE 1: Dependencies - Install only what the API needs
# =============================================================================
FROM oven/bun:1.2.8 AS deps
WORKDIR /app
# Copy root workspace config
COPY package.json bun.lock ./
# Strip root package.json to only keep workspaces config.
# The root has frontend deps (design-system, react-dnd, sharp, semantic-release, etc.)
# that the API doesn't need. Removing them cuts ~800 packages from the install.
RUN cat package.json | bun -e " \
const pkg = JSON.parse(await Bun.stdin.text()); \
delete pkg.dependencies; delete pkg.devDependencies; delete pkg.scripts; \
console.log(JSON.stringify(pkg, null, 2));" > package.min.json \
&& mv package.min.json package.json
# Copy only the workspace package.json files the API depends on
COPY packages/auth/package.json ./packages/auth/
COPY packages/db/package.json ./packages/db/
COPY packages/utils/package.json ./packages/utils/
COPY packages/integration-platform/package.json ./packages/integration-platform/
COPY packages/tsconfig/package.json ./packages/tsconfig/
COPY packages/email/package.json ./packages/email/
COPY packages/company/package.json ./packages/company/
# Copy API package.json
COPY apps/api/package.json ./apps/api/
# Install dependencies — skip lifecycle scripts (husky, etc. not needed in Docker)
RUN bun install --ignore-scripts
# =============================================================================
# STAGE 2: Builder - Build workspace packages and NestJS app
# =============================================================================
FROM oven/bun:1.2.8 AS builder
WORKDIR /app
# Copy node_modules first (from deps stage), then source on top.
# This avoids conflicts between workspace symlinks and local node_modules
# that get included from the build context.
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/package.json ./package.json
COPY --from=deps /app/bun.lock ./bun.lock
# Copy workspace packages source
COPY packages/auth ./packages/auth
COPY packages/db ./packages/db
COPY packages/utils ./packages/utils
COPY packages/integration-platform ./packages/integration-platform
COPY packages/tsconfig ./packages/tsconfig
COPY packages/email ./packages/email
COPY packages/company ./packages/company
# Copy API source
COPY apps/api ./apps/api
# Build db first — generates Prisma client needed by other packages
RUN cd packages/db && bun run build
# Build remaining workspace packages
RUN cd packages/auth && bun run build \
&& cd ../integration-platform && bun run build \
&& cd ../email && bun run build \
&& cd ../company && bun run build
# Generate Prisma schema for API and build NestJS app
RUN cd packages/db && node scripts/combine-schemas.js \
&& cp /app/packages/db/dist/schema.prisma /app/apps/api/prisma/schema.prisma \
&& cd /app/apps/api && bunx prisma generate && bunx nest build
# =============================================================================
# STAGE 3: Production Runtime
# =============================================================================
FROM node:20-slim AS production
# Create non-root user before copying files so COPY --chown can use it
RUN groupadd --system nestjs && useradd --system --gid nestjs --create-home nestjs
WORKDIR /app
RUN chown nestjs:nestjs /app
# Install runtime dependencies
RUN apt-get update && apt-get install -y --no-install-recommends wget openssl && rm -rf /var/lib/apt/lists/*
# Copy built NestJS app
COPY --from=builder --chown=nestjs:nestjs /app/apps/api/dist ./dist
# Copy prisma schema (for reference only — client is already generated in node_modules)
COPY --from=builder --chown=nestjs:nestjs /app/apps/api/prisma ./prisma
# Copy package.json (for any runtime needs)
COPY --from=builder --chown=nestjs:nestjs /app/apps/api/package.json ./package.json
# Copy workspace packages that are referenced by node_modules symlinks
COPY --from=builder --chown=nestjs:nestjs /app/packages/auth ./packages/auth
COPY --from=builder --chown=nestjs:nestjs /app/packages/db ./packages/db
COPY --from=builder --chown=nestjs:nestjs /app/packages/utils ./packages/utils
COPY --from=builder --chown=nestjs:nestjs /app/packages/integration-platform ./packages/integration-platform
COPY --from=builder --chown=nestjs:nestjs /app/packages/tsconfig ./packages/tsconfig
COPY --from=builder --chown=nestjs:nestjs /app/packages/email ./packages/email
COPY --from=builder --chown=nestjs:nestjs /app/packages/company ./packages/company
# Copy production node_modules (includes Prisma client already generated for linux/amd64)
COPY --from=builder --chown=nestjs:nestjs /app/node_modules ./node_modules
# Set production environment
ENV NODE_ENV=production
ENV PORT=3333
USER nestjs
EXPOSE 3333
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3333/v1/health || exit 1
# Start the application with crash diagnostics
CMD ["node", "--report-on-fatalerror", "--report-compact", "dist/src/main.js"]